feat(tutorial): initial solution

Signed-off-by: Brandt Keller <brandt.keller@defenseunicorns.com>

Author: brandtkeller

.gitignore

@@ -0,0 +1 @@
+*.tar.zst

01-create-zarf-package/README.md

@@ -0,0 +1,139 @@
+# Part 1: Create a Zarf Package
+
+Zarf packages all the contents of your application into a single OCI artifact that can be deployed into an airgapped environment. In this part, you'll create a Zarf package for [ArgoCD](https://argo-cd.readthedocs.io/) from scratch.
+
+Create a working directory and navigate into it:
+
+```bash
+mkdir zarf-package && cd zarf-package
+```
+
+## Step 1: Create the Package Definition
+
+The most important piece of a Zarf package is the `zarf.yaml` file. It follows the [Zarf package schema](https://github.com/zarf-dev/zarf/blob/main/zarf.schema.json) and defines both the package metadata and the components to deploy.
+
+Create a `zarf.yaml` file with the following content:
+
+```yaml
+kind: ZarfPackageConfig # ZarfPackageConfig is the package kind for most normal zarf packages
+metadata:
+  name: argocd       # specifies the name of our package; should be unique and stable across updates
+  version: 9.4.4     # (optional) a version to track as you release updates or publish to a registry
+  description: |     # (optional) a human-readable description of the package
+    "A Zarf Package that deploys the ArgoCD platform"
+```
+
+## Step 2: Add the ArgoCD Component
+
+In a Zarf package, **components** are the units that define an application stack. They can include Kubernetes manifests, configuration files, Helm charts, and more. Components are defined under the `components` key in `zarf.yaml`.
+
+For more details, see [Understanding Zarf Components](https://docs.zarf.dev/ref/components/).
+
+Add the following to the bottom of your `zarf.yaml`:
+
+```yaml
+components:
+  - name: argocd # specifies the name of our component; should be unique and stable across updates
+    description: | # (optional) a human-readable description of the component
+      "Deploys the ArgoCD packaged chart into the cluster"
+    required: true # ensures this component is always deployed
+    charts:
+      - name: argo-cd
+        version: 9.4.4
+        namespace: argocd
+        url: https://argoproj.github.io/argo-helm
+        releaseName: argocd-baseline
+        valuesFiles:
+          - baseline-values.yaml
+```
+
+The `url` field points directly to the upstream ArgoCD Helm repository — the same source you'd use with `helm repo add`. When you build the package, Zarf fetches the chart from that URL and bundles it into the tarball, so the airgapped environment gets an unmodified copy of the upstream chart. Local chart directories are also supported if you need to package a custom or vendored chart.
+
+## Step 3: Create the Values File
+
+The `valuesFiles` entry above references a `baseline-values.yaml` file. Create it in the same directory with the following content:
+
+```yaml
+redis-ha:
+  enabled: false
+
+dex:
+  enabled: false
+
+notifications:
+  enabled: false
+
+redis:
+  image:
+    repository: docker.io/library/redis
+```
+
+> [!NOTE]
+> These values are needed at package creation time because the `zarf dev find-images` command (used in the next step) templates the Helm chart to discover required images. Providing values now ensures that templating succeeds.
+
+## Step 4: Find the Images
+
+Zarf packages all required container images alongside your application so they're available in a disconnected environment. The `zarf dev find-images` command templates your Helm chart and identifies every image that will be needed.
+
+Run this in your `zarf-package` directory:
+
+```bash
+zarf dev find-images
+```
+
+You should see output similar to:
+
+```yaml
+components:
+  - name: argocd
+    images:
+      - docker.io/library/redis:8.2.3-alpine
+      - quay.io/argoproj/argocd:v3.3.2
+      # Cosign artifacts for images - argocd
+      - quay.io/argoproj/argocd:sha256-5882f28f7aaeaac397949c4511fdc1ad66c1260af44166ccf7e57aca3d7b9797.att
+```
+
+Copy the full `images` list from your output into the `argocd` component in your `zarf.yaml`, replacing the two images you added in Step 2.
+
+## Step 5: Set Up a Zarf Connect Service
+
+Zarf Connect Services let you quickly connect to a deployed application by watching for specific Kubernetes service labels and annotations. After deployment, Zarf surfaces any discovered connect endpoints.
+
+Add the following to your `baseline-values.yaml` file:
+
+```yaml
+server:
+  service:
+    labels:
+      zarf.dev/connect-name: argocd
+    annotations:
+      zarf.dev/connect-description: "The Argocd UI service"
+```
+
+This adds a label/annotation to the argocd server service which zarf can discover once deployed to the cluster.
+
+## Step 6: Build the Package
+
+With your `zarf.yaml` and `baseline-values.yaml` in place, build the package:
+
+```bash
+zarf package create .
+```
+
+Zarf will pull down all referenced resources and bundle them into a package tarball. When it completes, list the directory to confirm:
+
+```bash
+ls
+```
+
+You should see a file named something like `zarf-package-argocd-amd64-9.4.4.tar.zst` (the architecture segment will match your system). Zarf also embeds a Software Bill of Materials (SBOM) into each package automatically.
+
+---
+
+## Reference Solution
+
+If you get stuck, a complete working solution is available in the [`solution/`](./solution/) directory.
+
+---
+
+**Next:** [Part 2: Deploy a Zarf Package](../02-deploy-zarf-package/README.md)

01-create-zarf-package/solution/baseline-values.yaml

@@ -0,0 +1,19 @@
+redis-ha:
+  enabled: false
+
+dex:
+  enabled: false
+
+notifications:
+  enabled: false
+
+redis:
+  image:
+    repository: docker.io/library/redis
+
+server:
+  service:
+    labels:
+      zarf.dev/connect-name: argocd
+    annotations:
+      zarf.dev/connect-description: "The Argocd UI service"

01-create-zarf-package/solution/zarf.yaml

@@ -0,0 +1,25 @@
+kind: ZarfPackageConfig # ZarfPackageConfig is the package kind for most normal zarf packages
+metadata:
+  name: argocd       # specifies the name of our package; should be unique and stable across updates
+  version: 9.4.4     # (optional) a version to track as you release updates or publish to a registry
+  description: |     # (optional) a human-readable description of the package
+    "A Zarf Package that deploys the ArgoCD platform"
+
+components:
+  - name: argocd # specifies the name of our component; should be unique and stable across updates
+    description: | # (optional) a human-readable description of the component
+      "Deploys the ArgoCD packaged chart into the cluster"
+    required: true # ensures this component is always deployed
+    charts:
+      - name: argo-cd
+        version: 9.4.4
+        namespace: argocd
+        url: https://argoproj.github.io/argo-helm
+        releaseName: argocd-baseline
+        valuesFiles:
+          - baseline-values.yaml
+    images:
+      - docker.io/library/redis:8.2.3-alpine
+      - quay.io/argoproj/argocd:v3.3.2
+      # Cosign artifacts for images - argocd
+      - quay.io/argoproj/argocd:sha256-5882f28f7aaeaac397949c4511fdc1ad66c1260af44166ccf7e57aca3d7b9797.att

02-deploy-zarf-package/README.md

@@ -0,0 +1,73 @@
+# Part 2: Deploy a Zarf Package
+
+In Part 1, you built a Zarf package for ArgoCD. In this part, you'll deploy that package to your local Kubernetes cluster and access the ArgoCD dashboard.
+
+Make sure you're in the same `zarf-package` directory you used in Part 1.
+
+## Step 1: Inspect the Environment
+
+Confirm the package tarball from Part 1 is present:
+
+```bash
+ls
+```
+
+You should see a file like `zarf-package-argocd-amd64-9.4.4.tar.zst`. The architecture may be different depending on your local machine.
+
+Also verify your cluster is reachable:
+
+```bash
+zarf tools kubectl cluster-info
+```
+
+## Step 2: Deploy the Package
+
+Run the deploy command:
+
+```bash
+zarf package deploy zarf-package-argocd-amd64-9.4.4.tar.zst
+```
+
+Zarf will prompt you to select the package (if multiple are present) and confirm each component before deploying. Accept the defaults to proceed.
+
+Once deployment completes, verify the ArgoCD resources are running:
+
+```bash
+zarf tools kubectl get all -n argocd
+```
+
+You should see the pods, services, deployments, and replica sets that make up the ArgoCD Helm chart.
+
+## Step 3: Retrieve the ArgoCD admin password
+
+Before we access the ArgoCD Dashboard, we need to retrieve the automatically generated admin password:
+
+```bash
+zarf tools kubectl -n argocd get secret argocd-initial-admin-secret \
+          -o jsonpath="{.data.password}" | base64 -d; echo
+```
+
+## Step 4: Access the ArgoCD Dashboard
+
+> [!NOTE]
+> If you completed the Zarf Connect Service section in Part 1, you can use `zarf connect argocd` as a shorthand for the port-forward command below.
+
+Zarf is designed for environments with limited connectivity, so the ArgoCD service isn't exposed externally by default. Use `kubectl` to set up a port forward:
+
+```bash
+zarf tools kubectl port-forward -n argocd service/argocd-server 42000:80
+```
+
+Then open your browser to [http://localhost:42000](http://localhost:42000).
+
+
+## Conclusion
+
+You've built and deployed a complete Zarf package end-to-end. From here, Zarf has a lot more to offer for air-gapped software delivery:
+
+- Browse the [Zarf examples](https://github.com/zarf-dev/zarf/tree/main/examples) for more complex package configurations
+- Read the [Zarf documentation](https://docs.zarf.dev) for the full feature set
+
+---
+
+**Back:** [Part 1: Create a Zarf Package](../01-create-zarf-package/README.md)

README.md

@@ -1,2 +1,44 @@
-# tutorial
-tutorial repository isolating package create and deploy
+# Intro to Zarf
+
+[Zarf](https://zarf.dev) is an open source tool for packaging and deploying software into air-gapped Kubernetes environments. It bundles everything your application needs — Helm charts, container images, manifests — into a single portable artifact that can be deployed without internet access.
+
+In this tutorial, you'll build a Zarf package for [ArgoCD](https://argo-cd.readthedocs.io/) from scratch, deploy it to a local Kubernetes cluster, and access the ArgoCD dashboard.
+
+## What You'll Learn
+
+- How a `zarf.yaml` package definition is structured
+- How to use `zarf dev find-images` to discover required container images
+- How to build a Zarf package tarball
+- How to deploy a Zarf package to a Kubernetes cluster
+
+## Prerequisites
+
+- [Zarf installed](https://docs.zarf.dev/getting-started/install/) and on your `PATH`
+- A Kubernetes cluster with `kubectl` configured to reach it
+- [Helm](https://helm.sh/docs/intro/install/) installed
+
+### Kubernetes Options
+
+Any local cluster will work. Some common choices:
+
+| Option | Notes |
+|--------|-------|
+| [k3d](https://k3d.io) | K3s in Docker — closest to the Instruqt lab environment |
+| [kind](https://kind.sigs.k8s.io) | Well-documented, widely used in OSS tutorials |
+| [Docker Desktop](https://docs.docker.com/desktop/kubernetes/) | Enable Kubernetes in settings |
+| Existing cluster | Works as long as `kubectl` is configured |
+
+Whichever you choose, verify your cluster is reachable before starting:
+
+```bash
+kubectl cluster-info
+```
+
+## Tutorial Structure
+
+| Part | Description |
+|------|-------------|
+| [Part 1: Create a Zarf Package](./01-create-zarf-package/README.md) | Author a `zarf.yaml`, discover images, and build the package tarball |
+| [Part 2: Deploy a Zarf Package](./02-deploy-zarf-package/README.md) | Deploy the package to your cluster and access ArgoCD |
+
+Work through the parts in order — Part 2 depends on the package tarball produced in Part 1.